Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b89ef106-4f67-43d2-8097-042feefa2424.roa
File: b89ef106-4f67-43d2-8097-042feefa2424.roa (raw, json)
Hash identifier: TQO2feY8XW+QW6OWM8Q67NbkLh7ysEGSSbYSi4LSmGA=
Subject key identifier: B5:6A:3F:D0:62:ED:DD:58:0B:78:D8:26:06:E6:3C:36:1E:6B:55:12
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2B7FEBD1AAB0451A5E348F35590CA7C5435DFEFA
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b89ef106-4f67-43d2-8097-042feefa2424.roa
Signing time: Sun 10 Mar 2024 00:00:00 +0000
ROA not before: Sun 10 Mar 2024 00:00:00 +0000
ROA not after: Sun 14 Apr 2024 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:7f:eb:d1:aa:b0:45:1a:5e:34:8f:35:59:0c:a7:c5:43:5d:fe:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 10 00:00:00 2024 GMT
Not After : Apr 14 23:59:59 2024 GMT
Subject: serialNumber=5bf76b041b5b8fd594a24cbc11c3935f5804497b4dd8eb46c145818d15b34ade, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8c:5f:ba:24:9d:4d:54:ef:01:16:cd:fd:9e:
8c:2a:7b:97:ca:a8:9a:d8:ac:77:c2:39:b2:66:7b:
eb:dd:4e:2f:07:1c:be:6e:dd:7a:96:7f:2e:9f:b9:
cd:80:9e:32:f2:66:81:b1:f7:8c:99:81:9f:49:8b:
f8:92:18:65:cc:77:83:8b:0f:bb:59:9d:dc:ee:30:
02:81:53:bc:1e:b2:71:d7:01:58:1c:87:cf:a7:f5:
d4:e1:78:87:96:3c:58:06:2d:1b:c3:c3:29:bb:c5:
c1:71:9b:1f:88:2e:be:c4:00:03:8f:88:cb:03:f9:
19:fa:fd:15:ae:b6:1e:0e:56:18:6a:04:25:c8:e4:
c6:1e:43:6b:ed:ab:15:30:a3:ad:c5:37:1c:49:e3:
ad:b6:5c:d0:2d:81:6c:c4:f8:ff:cc:db:99:87:19:
0a:ea:a3:c5:fd:e1:a4:2b:8b:43:8f:b3:bb:2a:c8:
09:cb:5a:fd:77:35:d3:c2:e2:bc:95:6f:1e:4a:3a:
8d:93:64:c7:f0:0e:77:32:a6:b6:cb:fc:21:15:5b:
71:bd:35:29:60:9c:8f:3e:fd:ce:85:96:ac:5f:2f:
ba:42:62:b4:89:c4:0e:3a:2a:89:a3:f9:44:7d:a5:
d0:a9:c3:f9:ee:3b:39:ee:a6:2b:93:6f:8e:d3:be:
89:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6A:3F:D0:62:ED:DD:58:0B:78:D8:26:06:E6:3C:36:1E:6B:55:12
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/b89ef106-4f67-43d2-8097-042feefa2424.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:0f:5b:82:1e:c3:77:d9:33:b1:e4:44:1c:51:2d:6d:c0:72:
3e:69:43:cf:4a:db:f7:7c:1d:24:79:ab:d7:6c:34:b8:c0:47:
00:70:ed:29:26:8a:89:34:92:83:34:b4:81:50:07:22:6b:c3:
4e:81:7f:1a:64:d3:21:96:cc:64:15:cf:e4:1e:cf:67:ae:13:
d9:ae:fd:ea:9d:96:fd:e5:d8:eb:0e:88:ac:bf:57:39:d6:7d:
96:3e:db:7c:f6:a1:26:20:16:24:2f:2e:2b:7e:fa:c0:89:e4:
f3:d7:97:71:24:b1:50:38:f9:63:ee:66:56:95:7b:b7:6f:21:
1d:3a:ee:1d:23:df:94:a3:b0:ed:57:6a:4c:bc:ac:5d:94:32:
a5:51:97:02:19:29:8a:8d:c4:68:60:5b:da:ef:8d:c4:00:c4:
76:94:4b:7f:9e:df:76:f7:e5:ca:0e:c4:31:cc:d4:cb:4f:66:
83:d4:94:0d:04:ed:3a:0e:ef:24:6c:b8:28:72:4d:96:ed:99:
f7:db:10:46:f5:35:67:f0:ea:d4:78:82:42:e7:63:7f:be:c6:
33:c9:96:96:5c:46:51:0a:ff:96:2a:f5:99:72:8a:2d:0d:ad:
7e:15:35:ef:13:c6:2a:03:0c:e8:f6:1f:26:67:52:ca:3d:f1:
e8:d7:41:7d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK3/r0aqwRRpeNI81WQynxUNd/vowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMzEwMDAwMDAwWhcNMjQwNDE0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1YmY3NmIwNDFiNWI4ZmQ1OTRhMjRjYmMxMWMzOTM1ZjU4
MDQ0OTdiNGRkOGViNDZjMTQ1ODE4ZDE1YjM0YWRlMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCLjF+6JJ1NVO8BFs39nowqe5fKqJrYrHfCObJme+vdTi8H
HL5u3XqWfy6fuc2AnjLyZoGx94yZgZ9Ji/iSGGXMd4OLD7tZndzuMAKBU7wesnHX
AVgch8+n9dTheIeWPFgGLRvDwym7xcFxmx+ILr7EAAOPiMsD+Rn6/RWuth4OVhhq
BCXI5MYeQ2vtqxUwo63FNxxJ4622XNAtgWzE+P/M25mHGQrqo8X94aQri0OPs7sq
yAnLWv13NdPC4ryVbx5KOo2TZMfwDncyprbL/CEVW3G9NSlgnI8+/c6FlqxfL7pC
YrSJxA46Komj+UR9pdCpw/nuOznupiuTb47TvokbAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUtWo/0GLt3VgLeNgmBuY8Nh5rVRIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2I4OWVmMTA2LTRmNjctNDNkMi04MDk3LTA0MmZlZWZhMjQyNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAI0PW4Iew3fZM7HkRBxRLW3Acj5p
Q89K2/d8HSR5q9dsNLjARwBw7Skmiok0koM0tIFQByJrw06Bfxpk0yGWzGQVz+Qe
z2euE9mu/eqdlv3l2OsOiKy/VznWfZY+23z2oSYgFiQvLit++sCJ5PPXl3EksVA4
+WPuZlaVe7dvIR067h0j35SjsO1Xaky8rF2UMqVRlwIZKYqNxGhgW9rvjcQAxHaU
S3+e33b35coOxDHM1MtPZoPUlA0E7ToO7yRsuChyTZbtmffbEEb1NWfw6tR4gkLn
Y3++xjPJlpZcRlEK/5Yq9Zlyii0NrX4VNe8TxioDDOj2HyZnUso98ejXQX0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:54:13 2025 by rpki-client